Otdfbt

Multi tool use

What was the first story to feature the plot "the monsters were human all along"?

Word meaning as function of the composition of its phonemes

Why did Thanos need his ship to help him in the battle scene?

Why aren't nationalizations in Russia described as socialist?

Would glacier 'trees' be plausible?

Out of scope work duties and resignation

Why do people keep telling me that I am a bad photographer?

Floor of Riemann zeta function

What does 'made on' mean here?

Are there any of the Children of the Forest left, or are they extinct?

How to write a 12-bar blues melody

Flatness of submodules of free modules

Should I dumb down my writing in a foreign country?

Why wasn't the Night King naked in S08E03?

How do inspiraling black holes get closer?

How did the Venus Express detect lightning?

Are pressure-treated posts that have been submerged for a few days ruined?

What is the solution to this metapuzzle from a university puzzling column?

Can a Valor bard Ready a bard spell, then use the Battle Magic feature to make a weapon attack before releasing the spell?

Why is "breaking the mould" positively connoted?

What are the advantages of luxury car brands like Acura/Lexus over their sibling non-luxury brands Honda/Toyota?

Has the Hulk always been able to talk?

Why did the Apollo 13 crew extend the LM landing gear?

Shutter speed -vs- effective image stabilisation

Lock access to error_log from url

URL rewrite on custom Wordpress siteDenying folder in Nginx causing PHP-FPM to not take precedencehtaccess redirect whole url as parameterRestrict access to entire website except the homepage using .htacessApache 2.4.9 on Debian 7.8 - .htaccess options not allowedNginx 0.7.43 to proxypass a Wordpress site to Apache 2.4 + PHP 5.6Security Wordpress on IIS hosted sites.htaccess redirection from subfolder to subdomain with url rewrite404 Error for Permalinks with Apache Alias and WordpressApache: Issue with .profile in the URL

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;

1

I have a website on WordPress.

Versions:

• WordPress 3.3.1


• PHP 7.2.13


• Apache 2.4.37

My problem is that, error_log file is exposed to be viewed from url.

For example:

www.example.com/wp-content/themes/MyThemeName/error_log

Can you please help me with dealing this and restricting access to error_log ?!

apache-2.4 .htaccess wordpress deny

share|improve this question

edited Apr 25 at 10:00

MrWhite

6,46921426

asked Apr 25 at 8:59

nikanika

61

add a comment | 

1

I have a website on WordPress.

Versions:

• WordPress 3.3.1


• PHP 7.2.13


• Apache 2.4.37

My problem is that, error_log file is exposed to be viewed from url.

For example:

www.example.com/wp-content/themes/MyThemeName/error_log

Can you please help me with dealing this and restricting access to error_log ?!

apache-2.4 .htaccess wordpress deny

share|improve this question

edited Apr 25 at 10:00

MrWhite

6,46921426

asked Apr 25 at 8:59

nikanika

61

add a comment | 

I have a website on WordPress.

Versions:

• WordPress 3.3.1


• PHP 7.2.13


• Apache 2.4.37

My problem is that, error_log file is exposed to be viewed from url.

For example:

www.example.com/wp-content/themes/MyThemeName/error_log

Can you please help me with dealing this and restricting access to error_log ?!

apache-2.4 .htaccess wordpress deny

share|improve this question

edited Apr 25 at 10:00

MrWhite

6,46921426

asked Apr 25 at 8:59

nikanika

61

www.example.com/wp-content/themes/MyThemeName/error_log

share|improve this question

edited Apr 25 at 10:00

MrWhite

6,46921426

asked Apr 25 at 8:59

nikanika

61

share|improve this question

edited Apr 25 at 10:00

MrWhite

6,46921426

asked Apr 25 at 8:59

nikanika

61

edited Apr 25 at 10:00

MrWhite

6,46921426

edited Apr 25 at 10:00

MrWhite

6,46921426

asked Apr 25 at 8:59

nikanika

61

asked Apr 25 at 8:59

nikanika

61

1 Answer
1

active

oldest

votes

2

Best is to reconfigure your website to NOT store log files in a public directory in the first place.

Adding the following to your httpd.conf (or if you must, to a .htaccess file) is one way to block access to specific files:

<Files "error_log">
 Require all denied 
</Files> 

share|improve this answer

answered Apr 25 at 9:36

HBruijnHBruijn

57.4k1190153

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I tried this code into .htaccess and restarted server. url is still accessible and logs in it are visible.
  
  – nika
  Apr 25 at 10:03
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f964534%2flock-access-to-error-log-from-url%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

2

Best is to reconfigure your website to NOT store log files in a public directory in the first place.

Adding the following to your httpd.conf (or if you must, to a .htaccess file) is one way to block access to specific files:

<Files "error_log">
 Require all denied 
</Files> 

share|improve this answer

answered Apr 25 at 9:36

HBruijnHBruijn

57.4k1190153

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I tried this code into .htaccess and restarted server. url is still accessible and logs in it are visible.
  
  – nika
  Apr 25 at 10:03
  

  
  
  
  

add a comment | 

2

Best is to reconfigure your website to NOT store log files in a public directory in the first place.

Adding the following to your httpd.conf (or if you must, to a .htaccess file) is one way to block access to specific files:

<Files "error_log">
 Require all denied 
</Files> 

share|improve this answer

answered Apr 25 at 9:36

HBruijnHBruijn

57.4k1190153

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I tried this code into .htaccess and restarted server. url is still accessible and logs in it are visible.
  
  – nika
  Apr 25 at 10:03
  

  
  
  
  

add a comment | 

Best is to reconfigure your website to NOT store log files in a public directory in the first place.

Adding the following to your httpd.conf (or if you must, to a .htaccess file) is one way to block access to specific files:

<Files "error_log">
 Require all denied 
</Files> 

share|improve this answer

answered Apr 25 at 9:36

HBruijnHBruijn

57.4k1190153

<Files "error_log">
 Require all denied 
</Files> 

share|improve this answer

answered Apr 25 at 9:36

HBruijnHBruijn

57.4k1190153

answered Apr 25 at 9:36

HBruijnHBruijn

57.4k1190153

answered Apr 25 at 9:36

HBruijnHBruijn

57.4k1190153